Change in one permission set reflected in other set?
NATIVE (default)
ACL is checked.
UNIX rights are checked.
No
UNIX
ACL and UNIX rights are checked.
NT
ACL is checked.
ACL and UNIX rights are checked.
SECURE
ACL and UNIX rights are checked.
MIXED
ACL is checked. If there is no ACL, one is created based on the UNIX mode bits. Access is also determined by the ACL.
NFSv4 clients can manage the ACL.
yes
An ACL modification rebuilds the UNIX mode bits but the UNIX rights are not checked.
A modification to the UNIX mode bits rebuilds the ACL permissions but the UNIX rights are not checked.
MIXED_COMPAT
If the permissions of a file or directory were last set or changed by a CIFS client, the ACL is checked and the UNIX rights are rebuilt but are not checked. If the permissions of a file or directory were last set or changed by an NFS client, the UNIX rights are checked and the ACL is rebuilt but is not checked.
NFSv4 clients can manage the ACL.
If the permissions of a file or directory were last set or changed by an NFS client, the UNIX rights are checked and the ACL is rebuilt but is not checked. If the permissions of a file or directory were last set or changed by a CIFS client, the ACL is checked and the UNIX rights are rebuilt but are not checked.
SteveZhou
136 消息
0
2012年3月14日 02:00
由于Celerra文件系统支持多种协议同时访问,因此系统需要确定如何做访问授权。
对于Windows用户,系统会比对ACL进行授权
对于UNIX用户,系统会比对mode bits进行授权
具体采用哪种方式授权取决于access-checking policy。Access-checking policy是在mount 文件系统的时候指定的,默认是NATIVE。
一般来说无法特别指定,除非同一个文件系统即需要被Windows用户访问,又要被UNIX/LINUX用户访问。
详见如下文档:
http://powerlink.emc.com/km/live1/en_US/Offering_Technical/Technical_Documentation/300-009-945_a01.pdf?mtcs=ZXZlbnRUeXBlPUttQ2xpY2tDb250ZW50RXZlbnQsZG9jdW1lbnRJZD0wOTAxNDA2NjgwNWFiM2YzLG5hdmVOb2RlPVNvZndhcmVEb3dubG9hZHMtMg__
Jeffey1
2.8K 消息
0
2012年3月13日 22:00
在多协议环境中,Celerra使用Access-checking policy管理文件系统的接入,只在文件系统同时使用NFS和CIFS时才需要使用。一共有六种类型:NATIVE, NT, UNIX, SECURE, MIXED和MIXED_COMPAT,系统默认NATIVE模式,即CIFS客户端访问文件系统使用ACL认证,NFS客户端访问文件系统使用UNIX认证。
Jeffey1
2.8K 消息
1
2012年3月14日 02:00
这个表解释了Access-checking Policy六种类型的区别:
Access-checking policy
CIFS clients
NFS clients
Change in one permission set reflected in other set?
NATIVE (default)
ACL is checked.
UNIX rights are checked.
No
UNIX
ACL and UNIX rights are checked.
NT
ACL is checked.
ACL and UNIX rights are checked.
SECURE
ACL and UNIX rights are checked.
MIXED
ACL is checked. If there is no ACL, one is created based on the UNIX mode bits. Access is also determined by the ACL.
NFSv4 clients can manage the ACL.
yes
An ACL modification rebuilds the UNIX mode bits but the UNIX rights are not checked.
A modification to the UNIX mode bits rebuilds the ACL permissions but the UNIX rights are not checked.
MIXED_COMPAT
If the permissions of a file or directory were last set or changed by a CIFS client, the ACL is checked and the UNIX rights are rebuilt but are not checked. If the permissions of a file or directory were last set or changed by an NFS client, the UNIX rights are checked and the ACL is rebuilt but is not checked.
NFSv4 clients can manage the ACL.
If the permissions of a file or directory were last set or changed by an NFS client, the UNIX rights are checked and the ACL is rebuilt but is not checked. If the permissions of a file or directory were last set or changed by a CIFS client, the ACL is checked and the UNIX rights are rebuilt but are not checked.
NFSv4 clients can manage the ACL.